By Ian Katz
A Treasury Department official urged the U.S. financial-services industry to help the government identify cybersecurity threats to limit “technology’s potential for disruption and destruction.”
“We have had important recent reminders that our financial institutions and markets are vulnerable to malicious cyber- attacks and operational failures,” Cyrus Amir-Mokri, the Treasury’s assistant secretary for financial institutions, said in the text of a speech today at a Securities Industry and Financial Markets Association conference in Boca Raton, Florida.
The Financial Stability Oversight Council, a group of regulators led by Treasury Secretary Jacob J. Lew, raised concerns about cybersecurity in its annual report last week. In 2012, more than a dozen financial institutions received attacks on their public websites, “all of which were attributable to one group,” according to the report, which didn’t name the perpetrator.
In his speech, Amir-Mokri suggested that financial industry associations “should have well-developed protocols” to give members information they receive from the government.
“You and your associations may even consider establishing information clearinghouses that gather information about recent threats, indicate whether these threats led to incidents, and document the manner in which the threats or incidents were addressed or mitigated,” he said.
Amir-Mokri, speaking at an operations conference held by SIFMA, Wall Street’s largest lobbying group, said “government alone cannot keep our financial system safe. The responsibility of protecting our financial sector rests also with the sector itself.”
White House National Security Adviser Thomas Donilon said last week in New York that the U.S. has insisted that cybersecurity be central to any dialog with China, and Lew has said he raised the issue with China’s new leadership during his visit to the country in March.
Ties between the U.S. and China have been strained by a report from a U.S. security company, Mandiant Corp., saying China’s army may be behind cyberattacks on companies worldwide. Chinese officials have rejected the findings.